PHP: Composer 依赖管理 Composer Cheat Sheet for developers 安装和用法

简单来说,Composer 是一个新的安装包管理工具,服务于 PHP 生态系统。它实际上包含了两个部分:ComposerPackagist。下面我们就简单说一下他们各自的用途。

Composer

Composer 是由 Jordi Boggiano 和 Nils Aderman 创造的一个命令行工具,它的使命就是帮你为项目自动安装所依赖的开发包。Composer 中的很多理念都借鉴自 npmBundler,如果你对这两个工具有所了解的话,就会在 composer 中发现他们的身影。Composer 包含了一个依赖解析器,用来处理开发包之间复杂的依赖关系;另外,它还包含了下载器、安装器等有趣的东西。

对于现代语言而言,包管理器基本上是标配。Java 有 Maven,Python 有 pip,Ruby 有 gem,Nodejs 有 npm。PHP 的则是 PEAR,不过 PEAR 坑不少:

  • 依赖处理容易出问题
  • 配置非常复杂
  • 难用的命令行接口

好在我们有 Composer,PHP依赖管理的利器。它是开源的,使用起来也很简单,提交自己的包也很容易。

安装 Composer

Composer 需要 PHP 5.3.2+ 才能运行。

$ curl -sS https://getcomposer.org/installer | php

这个命令会将 composer.phar 下载到当前目录。PHAR(PHP 压缩包)是一个压缩格式,可以在命令行下直接运行。

你可以使用 --install-dir 选项将 Composer 安装到指定的目录,例如:

$ curl -sS https://getcomposer.org/installer | php -- --install-dir=bin

当然也可以进行全局安装:

$ curl -sS https://getcomposer.org/installer | php
$ mv composer.phar /usr/local/bin/composer

在 Mac OS X 下也可以使用 homebrew 安装:

brew tap josegonzalez/homebrew-php
brew install josegonzalez/php/composer

或者使用下面的方法:

Firstly install Brew on your MAC

Then install PHP

  • brew update
  • brew tap homebrew/dupes
  • brew tap homebrew/php
  • brew install php56
  • brew install composer

to test installation, runs:

$ composer -V

Composer version 1.1.2 2016-05-31 19:48:11


不过通常情况下只需将 composer.phar 的位置加入到 PATH 环境变量就可以,不一定要全局安装。

声明依赖

在项目目录下创建一个 composer.json 文件,指明依赖,比如,你的项目依赖 monolog

{
    "require": {
        "monolog/monolog": "1.2.*"
    }
}

安装依赖

安装依赖非常简单,只需在项目目录下运行:

composer install


如果没有全局安装的话,则运行:

php composer.phar install


自动加载

Composer 提供了自动加载的特性,只需在你的代码的初始化部分中加入下面一行:

require 'vendor/autoload.php';

模块仓库

packagist.org 是Composer的仓库,很多著名的 PHP 库都能在其中找到。你也可以提交你自己的作品

高级特性

以上介绍了 Composer 的基本用法。Composer 还有一些高级特性,虽然不是必需的,但是往往能给 PHP 开发带来方便。

项目主页

更多信息请访问 Composer 的官方主页或者中文站点

composer.phar most needed command line

$ php composer.phar require vendor-name/package-name
$ php composer.phar install
$ php composer.phar update
$ php composer.phar update --lock
$ php composer.phar dump-autoload --optimize

other commands

$ php composer.phar about
$ php composer.phar archive
$ php composer.phar browse
$ php composer.phar clear-cache
$ php composer.phar config --list
$ php composer.phar create-project symfony/standard-edition dir/
$ php composer.phar depends vendor-name/package-name
$ php composer.phar diagnose
$ php composer.phar global
$ php composer.phar help
$ php composer.phar init
$ php composer.phar licenses
$ php composer.phar list
$ php composer.phar remove
$ php composer.phar run-script
$ php composer.phar search my keywords
$ php composer.phar self-update
$ php composer.phar show
$ php composer.phar suggest
$ php composer.phar status
$ php composer.phar validate

composer.json file

{
    "name": "vendor-name/project-name",
    "description": "This is a very cool package!",
    "version": "0.3.0",
    "type": "library",
    "keywords": ["logging", "cool", "awesome"],
    "homepage": "http://jolicode.com",
    "time": "2012-12-21",
    "license": "MIT",
    "authors": [
        {
            "name": "Xavier Lacot",
            "email": "xlacot@jolicode.com",
            "homepage": "http://www.lacot.org",
            "role": "Developer"
        },
        {
            "name": "Benjamin Clay",
            "email": "bclay@jolicode.com",
            "homepage": "https://github.com/ternel",
            "role": "Developer"
        }
    ],
    "support": {
        "email": "support@exemple.org",
        "issues": "https://github.com/jolicode/jane/issues",
        "forum": "http://www.my-forum.com/",
        "wiki": "http://www.my-wiki.com/",
        "irc": "irc://irc.freenode.org/composer",
        "source": "https://github.com/jolicode/jane",
        "docs": "https://github.com/jolicode/jane/wiki"
    },
    "require": {
        "monolog/monolog": "1.0.*",
        "joli/ternel": "@dev",
        "joli/ternel-bundle": "@stable",
        "joli/semver": "^2.0",
        "joli/package": ">=1.0 <1.1",
        "acme/foo": "dev-master#2eb0c097"
    },
    "require-dev": {
        "debug/dev-only": "1.0.*"
    },
    "conflict": {
        "another-vendor/conflict": "1.0.*"
    },
    "replace": {
        "debug/dev-only": "1.0.*"
    },
    "provide": {
        "debug/dev-only": "1.0.*"
    },
    "suggest": {
        "jolicode/gif-exception-bundle": "For fun!"
    },
    "autoload": {
        "psr-4": {
            "Monolog\\": "src/",
            "Vendor\\Namespace\\": ""
        },
        "psr-0": {
            "Monolog": "src/",
            "Vendor\\Namespace": ["src/", "lib/"],
            "Pear_Style": "src/",
            "": "src/"
        },
        "classmap": ["src/", "lib/", "Something.php"],
        "files": ["src/MyLibrary/functions.php"]
    },
    "autoload-dev": {
        "psr-0": {
            "MyPackage\\Tests": "test/"
        }
    },
    "target-dir": "Symfony/Component/Yaml",
    "minimum-stability": "stable",
    "repositories": [
        {
            "type": "composer",
            "url": "http://packages.example.com"
        },
        {
            "type": "vcs",
            "url": "https://github.com/Seldaek/monolog"
        },
        {
            "type": "pear",
            "url": "http://pear2.php.net"
        },
        {
            "type": "package",
            "package": {
              "name": "smarty/smarty",
              "version": "3.1.7",
              "dist": {
                "url": "http://www.smarty.net/Smarty-3.1.7.zip",
                "type": "zip"
              },
              "source": {
                "url": "http://smarty-php.googlecode.com/svn/",
                "type": "svn",
                "reference": "tags/Smarty_3_1_7/distribution/"
              }
            }
        },
        {
            "type": "artifact",
            "url": "path/to/directory/with/zips/"
        },
        {
            "type": "path",
            "url": "../../packages/my-package"
        }
    ],
    "config": {
        "process-timeout": 300,
        "use-include-path": false,
        "preferred-install": "auto",
        "store-auths": "prompt",
        "github-protocols": ["git", "https", "http"],
        "github-oauth": {"github.com": "oauthtoken"},
        "gitlab-oauth": {"gitlab.com": "oauthtoken"},
        "github-domains": ["entreprise-github.me.com"],
        "gitlab-domains": ["entreprise-gitlab.me.com"],
        "github-expose-hostname": true,
        "disable-tls": false,
        "cafile": "/var/certif.ca",
        "capath": "/var/",
        "http-basic": {"me.io":{"username":"foo","password":"bar"},
        "platform": {"php": "5.4", "ext-something": "4.0"},
        "vendor-dir": "vendor",
        "bin-dir": "bin",
        "data-dir": "/home/ternel/here",
        "cache-dir": "$home/cache",
        "cache-files-dir": "$cache-dir/files",
        "cache-repo-dir": "$cache-dir/repo",
        "cache-vcs-dir": "$cache-dir/vcs",
        "cache-files-ttl": 15552000,
        "cache-files-maxsize": "300MiB",
        "bin-compat": "auto",
        "prepend-autoloader": true,
        "autoloader-suffix": "pony",
        "optimize-autoloader": false,
        "sort-packages": false,
        "classmap-authoritative": false,
        "notify-on-install": true,
        "discard-changes": false,
        "archive-format": "tar",
        "archive-dir": "."
    },
    "archive": {
        "exclude": ["/foo/bar", "baz", "/*.test", "!/foo/bar/baz"]
    },
    "prefer-stable": true,
    "scripts": {
        "pre-install-cmd": "MyVendor\\MyClass::doSomething",
        "post-install-cmd": [
            "MyVendor\\MyClass::warmCache",
            "phpunit -c app/"
        ],
        "pre-update-cmd": "MyVendor\\MyClass::doSomething",
        "post-update-cmd": "MyVendor\\MyClass::doSomething",
        "pre-status-cmd": "MyVendor\\MyClass::doSomething",
        "post-status-cmd": "MyVendor\\MyClass::doSomething",
        "pre-package-install": "MyVendor\\MyClass::doSomething",
        "post-package-install": [
            "MyVendor\\MyClass::postPackageInstall"
        ],
        "pre-package-update": "MyVendor\\MyClass::doSomething",
        "post-package-update": "MyVendor\\MyClass::doSomething",
        "pre-package-uninstall": "MyVendor\\MyClass::doSomething",
        "post-package-uninstall": "MyVendor\\MyClass::doSomething",
        "pre-autoload-dump": "MyVendor\\MyClass::doSomething",
        "post-autoload-dump": "MyVendor\\MyClass::doSomething",
        "post-root-package-install": "MyVendor\\MyClass::doStuff",
        "post-create-project-cmd": "MyVendor\\MyClass::doThis",
        "pre-archive-cmd": "MyVendor\\MyClass::doSomething",
        "post-archive-cmd": "MyVendor\\MyClass::doSomething",
    },
    "extra": { "key": "value" },
    "bin": ["./bin/toto"]
}

 

Composer 是新一代的PHP依赖管理工具。其介绍和基本用法可以看这篇《Composer PHP依赖管理的新时代》。本文介绍使用Composer的五个小技巧,希望能给你的PHP开发带来方便。

1. 仅更新单个库

只想更新某个特定的库,不想更新它的所有依赖,很简单:

composer update foo/bar


此外,这个技巧还可以用来解决“警告信息问题”。你一定见过这样的警告信息:

Warning: The lock file is not up to date with the latest changes in composer.json, you may be getting outdated dependencies, run update to update them.

擦,哪里出问题了?别惊慌!如果你编辑了composer.json,你应该会看到这样的信息。比如,如果你增加或更新了细节信息,比如库的描述、作者、更多参数,甚至仅仅增加了一个空格,都会改变文件的md5sum。然后Composer就会警告你哈希值和composer.lock中记载的不同。

那么我们该怎么办呢?update命令可以更新lock文件,但是如果仅仅增加了一些描述,应该是不打算更新任何库。这种情况下,只需update nothing

$ composer update nothing
Loading composer repositories with package information
Updating dependencies
Nothing to install or update
Writing lock file
Generating autoload files

这样一来,Composer不会更新库,但是会更新composer.lock。注意nothing并不是update命令的关键字。只是没有nothing 这个包导致的结果。如果你输入foobar,结果也一样。

如果你用的Composer版本足够新,那么你可以直接使用--lock选项:

composer update --lock


2. 不编辑composer.json的情况下安装库

你可能会觉得每安装一个库都需要修改composer.json太麻烦,那么你可以直接使用require命令。

composer require "foo/bar:1.0.0"

这个方法也可以用来快速地新开一个项目。init命令有--require选项,可以自动编写composer.json:(注意我们使用-n,这样就不用回答问题)

$ composer init --require=foo/bar:1.0.0 -n
$ cat composer.json
{
    "require": {
        "foo/bar": "1.0.0"
    }
}

3. 派生很容易

初始化的时候,你试过create-project命令么?

composer create-project doctrine/orm path 2.2.0


这会自动克隆仓库,并检出指定的版本。克隆库的时候用这个命令很方便,不需要搜寻原始的URI了。

4. 考虑缓存,dist包优先

最近一年以来的Composer会自动存档你下载的dist包。默认设置下,dist包用于加了tag的版本,例如"symfony/symfony": "v2.1.4",或者是通配符或版本区间,"2.1.*"">=2.2,<2.3-dev"(如果你使用stable作为你的minimum-stability)。

dist包也可以用于诸如dev-master之类的分支,Github允许你下载某个git引用的压缩包。为了强制使用压缩包,而不是克隆源代码,你可以使用installupdate--prefer-dist选项。

下面是一个例子(我使用了--profile选项来显示执行时间):

$ composer init --require="twig/twig:1.*" -n --profile
Memory usage: 3.94MB (peak: 4.08MB), time: 0s

$ composer install --profile
Loading composer repositories with package information
Installing dependencies
  - Installing twig/twig (v1.12.2)
    Downloading: 100%

Writing lock file
Generating autoload files
Memory usage: 10.13MB (peak: 12.65MB), time: 4.71s

$ rm -rf vendor

$ composer install --profile
Loading composer repositories with package information
Installing dependencies from lock file
  - Installing twig/twig (v1.12.2)
    Loading from cache

Generating autoload files
Memory usage: 4.96MB (peak: 5.57MB), time: 0.45s

这里,twig/twig:1.12.2的压缩包被保存在~/.composer/cache/files/twig/twig/1.12.2.0-v1.12.2.zip。重新安装包时直接使用。

5. 若要修改,源代码优先

当你需要修改库的时候,克隆源代码就比下载包方便了。你可以使用--prefer-source来强制选择克隆源代码。

composer update symfony/yaml --prefer-source


接下来你可以修改文件:

composer status -v
You have changes in the following dependencies:
/path/to/app/vendor/symfony/yaml/Symfony/Component/Yaml:
    M Dumper.php

当你试图更新一个修改过的库的时候,Composer会提醒你,询问是否放弃修改:

$ composer update
Loading composer repositories with package information
Updating dependencies
  - Updating symfony/symfony v2.2.0 (v2.2.0- => v2.2.0)
    The package has modified files:
    M Dumper.php
    Discard changes [y,n,v,s,?]?

为生产环境作准备

最后提醒一下,在部署代码到生产环境的时候,别忘了优化一下自动加载:

composer dump-autoload --optimize

安装包的时候可以同样使用--optimize-autoloader。不加这一选项,你可能会发现20%到25%的性能损失

如果你需要帮助,或者想要了解某个命令的细节,你可以阅读官方文档或者中文文档,也可以查看JoliCode做的这个交互式备忘单

更多中文命令行: http://docs.phpcomposer.com/03-cli.html

 

本文:PHP: Composer 依赖管理 Composer Cheat Sheet for developers